本格堅守四不一沒有政治主張:不知道、不清楚、不瞭解、不明白、沒有我的事!
[ start | index | login or register ]
start > 2007-12-03 > 1

是 phpMyAdmin 有漏洞還是有人想賭預設設定?

Created by Ada. Last edited by Ada, one year and 38 days ago. Viewed 247 times. #2
[diff] [history] [edit] [rdf]
labels
Parent:Security
attachments

是 phpMyAdmin 有漏洞還是有人想賭預設設定?

今天檢查前兩天的 Server Access Log 後發現以下這串記錄,看起來是在測試 phpMyAdmin 各系列的管理界面。不知道是因為 phpMyAdmin 被找出程式碼漏洞,還是說有人純粹想要賭看看系統管理員忘了修改預設帳密。

不管怎樣,各位使用 PHP 系統的管理員最好順便檢查一下有沒有被踹的記錄,或者順便先把來源 IP(這裡是 219.87.132.235)給封了吧! 

*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/phpmyadmin/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/phpMyAdmin/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/sysadmin/main.php HTTP/1.0" 404 1018 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/sqladmin/main.php HTTP/1.0" 404 1018 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/db/main.php HTTP/1.0" 404 1000 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/web/main.php HTTP/1.0" 404 1003 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:34 +0000] "GET /admin/pMA/main.php HTTP/1.0" 404 1003 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/main.php HTTP/1.0" 404 991 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/mysql/main.php HTTP/1.0" 404 1009 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/myadmin/main.php HTTP/1.0" 404 1015 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/webadmin/main.php HTTP/1.0" 404 1018 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/sqlweb/main.php HTTP/1.0" 404 1012 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/websql/main.php HTTP/1.0" 404 1012 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:35 +0000] "GET /admin/webdb/main.php HTTP/1.0" 404 1009 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/mysqladmin/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/mysql-admin/main.php HTTP/1.0" 404 1027 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/phpmyadmin2/main.php HTTP/1.0" 404 1027 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/php-my-admin/main.php HTTP/1.0" 404 1030 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/phpMyAdmin-2.2.3/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/phpMyAdmin-2.2.6/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:36 +0000] "GET /admin/phpMyAdmin-2.5.1/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.5.4/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.5.6/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.6.0/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.6.0-pl1/main.php HTTP/1.0" 404 1054 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.6.2-rc1/main.php HTTP/1.0" 404 1054 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.6.3/main.php HTTP/1.0" 404 1042 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:37 +0000] "GET /admin/phpMyAdmin-2.6.3-pl1/main.php HTTP/1.0" 404 1054 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /admin/phpMyAdmin-2.6.3-rc1/main.php HTTP/1.0" 404 1054 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /admin/padmin/main.php HTTP/1.0" 404 1012 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /admin/datenbank/main.php HTTP/1.0" 404 1021 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /admin/database/main.php HTTP/1.0" 404 1018 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /phpmyadmin/main.php HTTP/1.0" 404 1006 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /phpMyAdmin/main.php HTTP/1.0" 404 1006 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:38 +0000] "GET /db/main.php HTTP/1.0" 404 982 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /web/main.php HTTP/1.0" 404 985 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /sql/main.php HTTP/1.0" 404 985 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /msql/main.php HTTP/1.0" 404 988 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /PMA/main.php HTTP/1.0" 404 985 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /admin/main.php HTTP/1.0" 404 991 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /mysql/main.php HTTP/1.0" 404 991 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:39 +0000] "GET /myadmin/main.php HTTP/1.0" 404 997 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /webadmin/main.php HTTP/1.0" 404 1000 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /sqlweb/main.php HTTP/1.0" 404 994 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /websql/main.php HTTP/1.0" 404 994 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /webdb/main.php HTTP/1.0" 404 991 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /mysqladmin/main.php HTTP/1.0" 404 1006 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /mysql-admin/main.php HTTP/1.0" 404 1009 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:40 +0000] "GET /phpmyadmin2/main.php HTTP/1.0" 404 1009 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /php-my-admin/main.php HTTP/1.0" 404 1012 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.2.3/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.2.6/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.5.1/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.5.4/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.5.6/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:41 +0000] "GET /phpMyAdmin-2.6.0/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.6.0-pl1/main.php HTTP/1.0" 404 1036 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.6.2-rc1/main.php HTTP/1.0" 404 1036 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.6.3/main.php HTTP/1.0" 404 1024 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.6.3-pl1/main.php HTTP/1.0" 404 1036 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.6.3-rc1/main.php HTTP/1.0" 404 1036 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.10.2-all-languages-utf-8-only/main.php HTTP/1.0" 404 1102 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /phpMyAdmin-2.10.2/main.php HTTP/1.0" 404 1027 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:42 +0000] "GET /padmin/main.php HTTP/1.0" 404 994 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:44 +0000] "GET /datenbank/main.php HTTP/1.0" 404 1003 "-" "-"
*.*.*.* - - [30/Nov/2007:21:07:44 +0000] "GET /database/main.php HTTP/1.0" 404 1000 "-" "-"
5 comments (by Ada, jojoyakira, ming) | post comment
see also:
1


【求助】

  1. 如何指定格式化的文字
  2. 如果字太小
【SnipSnap 強化方案】
>>SnipIt 誕生
>>功能討論
>>功能確認

Recently Changed

< January 2009 >
SunMonTueWedThuFriSat
123
45678910
11121314151617
18192021222324
25262728293031

【RSS 訂閱】




【雜想分類區】
美食小吃
生活雜想
職場遭遇戰
休閒娛樂
台北居、大不易
錯誤正在橫行中
廣告異聞錄
神秘事件簿
電影
健康管理
資訊電腦
科高地球
手機應用
新聞馬後炮
動漫世界
管理眾人之事
專案管理
歌曲歌詞
嘸爽啦!
部落格記錄
惡搞裝笨耍白爛
歧視非IE用戶之網頁
關於我
CSS
RSS

【與 Ada 聯絡】

【Windows 多媒體播放工具】
介紹:多功能免費媒體播放工具 MyMPC 2006 安裝介紹
下載(1):>>MyMPC 20060117 簡、繁、英三合一安裝版
下載(2):>>MyMPC 20060117 簡、繁、英三合一安裝版

【Firefox 擴充套件自動安裝服務】
>>建議擴充套件介紹
>>擴充套件分類介紹
※更新日期:2007-04-12

【有趣的 Blog】
>>什麼都破,什麼都爛,什麼都不奇怪
>>酪梨壽司的日記
>>去吧!錯誤特攻隊!
>>隨裕而安
>>荒謬大觀
>>網路黑貓
>>瑞克梅添涼 DALIREAL
>>鳥毅的blog
>>潛艦 - >>反垃圾信
>>窮留學生懶人食譜
>>約耳談軟體

【工具網站】
>>dns checker
>>美國街道電子地圖

【網路貼紙】
XHTML 1.0 validated CSS validated
RSS 2.0 validated Powered by SnipSnap
Powered by Gentoo Linux
網站使用 UTF-8 編碼 網站所在地-台灣
Onion Club 洋蔥酷樂部 Powered By PostgreSQL
我是台灣人

【網路同盟】
怠墮管理者同盟

【PCDVD 七八區 RSS】




【PCDVD 疑雜區 RSS】




【網路串連】









【參訪團】

snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt